Another Example for SOX & Cybersecurity

cybersecurity

From time to time I’ve written about how poor cybersecurity and software patch management leads to faulty internal financial controls. Now a bank in Tennessee has disclosed a cybersecurity breach that seems to demonstrate the case.  The bank, First Horizon Corp. ($FHN), disclosed the breach in an SEC filing last week. The breach wasn’t large,…

Read More

SOX Compliance Struggles Onward

sox

SOX compliance professionals trying to find your place in the world may want to read the latest survey from the SOX Professionals Group. It’s full of benchmarking statistics about the challenges of Sarbanes-Oxley compliance this year and the technologies compliance teams are eyeing to get the job done.  The report, “2020 State of SOX &…

Read More

Report: SOX Costs, Hours Rising Again

sox

Protiviti just released its latest report on Sarbanes-Oxley compliance practices, and internal audit professionals may want to brace themselves. Costs are rising, manhours are rising, automation isn’t happening nearly as quickly as one might hope — and that was all the case before Covid-19 made everything more difficult. The report surveyed 735 internal audit professionals…

Read More

Internal Audit Survey-Palooza

internal audit

Spring is the season for surveys about the internal audit world, so today we have three recent studies to help audit and compliance executives understand the concerns driving that particular function right now. No surprise: those concerns are data and technology, all the way down. First we have PwC’s 2018 State of Internal Audit report,…

Read More

New Audit Report Format Approved

audit

Auditors and corporate reporting professionals everywhere, prepare yourselves: The SEC has approved the new, more detailed format for external auditors’ reports! The new standard, drafted by the Public Company Accounting Oversight Board after seven years of negotiations, requires audit firms to disclose “critical audit matters” (CAMs) they find while auditing your financial statements. That approach…

Read More

PCAOB Sets New Audit Report Format

audit

Compliance and audit executives, set your countdown clocks: a new type of audit report will be arriving at your organization three years from now. Today the Public Company Accounting Oversight Board finally adopted a new standard for the report, which will require more disclosure of “critical audit matters” that weigh on the mind of your…

Read More

Some Other Posts Worth Reading

compliance

Occasionally I write guest posts about compliance and governance topics elsewhere on the Web. Three of those posts have recently gone live, one about third-party risk management and two others about the proper love and care of SOX compliance programs. If you just can’t get enough of me, here is a run-down of where to…

Read More

Best Practices in SOX Certifications

Some shameless self-promotion today: I have a guest post on Workiva’s blog about financial reporting and SOX compliance, exploring a few best practices in how companies can design and operate certification programs for SOX controls. Getting control owners to certify the effectiveness of those controls is not a new idea, I know. (I first wrote…

Read More

Of SOX Controls and Earnings Reports

insider

The data analytics gurus over at Calcbench just published some numbers that SOX compliance and SEC reporting professionals might find interesting: a study of the gap between publishing an earnings release and filing the subsequent quarterly report. Calcbench reviewed the Form 8-K earnings releases and Form 10-Q quarterly reports from 3,399 companies that filed in…

Read More

Talking About Tech Shifts at TEC 2016

Workiva’s TEC 2016 user conference kicked off today, and I have the good fortune to be on site here in San Diego. Today’s main sessions hit on themes of technology power and flexibility—which compliance and audit executives certainly need as they confront the modern regulatory and reporting climate. Workiva started by announcing a flurry of enhancements…

Read More